Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
First Last Prev Next    This bug is not in your last search results.
Bug 1259350 - (CVE-2015-5247) CVE-2015-5247 libvirt: denial of service when volume creation fails on NFS pool
CVE-2015-5247 libvirt: denial of service when volume creation fails on NFS pool
Status: CLOSED NOTABUG
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
low Severity low
: ---
: ---
Assigned To: Red Hat Product Security
impact=low,public=20150903,reported=2...
: Security
Depends On: 1253609
Blocks: 1259352
  Show dependency treegraph
 
Reported: 2015-09-02 08:37 EDT by Vasyl Kaigorodov
Modified: 2016-11-08 11:09 EST (History)
16 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2016-10-20 05:14:20 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Vasyl Kaigorodov 2015-09-02 08:37:52 EDT 
It was reported that libvirt did not perform a proper clean up after volume creation fails on an NFS pool with "root_squash" option enabled.
This leaves the NFS pool in damaged state.
Comment 1 Eric Blake 2015-09-02 10:07:23 EDT 
Fix is public as of 2015-08-02:
https://www.redhat.com/archives/libvir-list/2015-September/msg00018.html
Comment 2 Eric Blake 2015-09-12 11:24:43 EDT 
Libvirt Security Notice:
http://security.libvirt.org/2015/0003.html
Comment 3 Adam Mariš 2015-09-15 04:19:14 EDT 
Upstream patches were released, see the Security Notice above.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.